Some Single-Point MPLS VPN Services Are Interrupted

Publication Date: 2015-06-09Views: 266Downloads: 0

Issue Description

In the following figure, the AR2240 is the access router (JR), the NE20E-X6 is the aggregation router (HJ), and Cisco device is the core device (HX). HX1 and HX2 are BGP VPNv4 RRs, and all HJs and JRs have BGP and MPLS enabled.

The video VPN service from JR1 to HX1 cannot be forwarded. On some JRs, MPLS VPN services cannot be forwarded and routes on the core side are unreachable. Such problems do not exist on HJs.

2. Run the display bgp vpnv4 vpn-instance video routing-table | include 172.24.11 command to check BGP routes of the specified VPN instance. There is the route of 172.24.11.248/29, but the route is not the optimal one.

Optimize the network plan, use flattened networking to reduce the routing table size on endpoints.

Root Cause

Primary cause: The customer network plan is improper.

 In a single area, there are too many OSPF routers and routing entries. Many host routes that are not used for tunnel setup wastes labels. After the fault is rectified, we find that Huawei requires no more than 50 tunnels. There is no hierarchical deployment. It is recommended that IS-IS be deployed at the core layer and OSPF at the access layer and different areas be assigned for different counties. You can configure the stub area or NSSA to reduce the number of routing entries in a single area.

 The MPLS VPN plan is not proper. There is no CE. The services that should be transmitted on the CE are all transmitted on the PE. According to the root cause and label capacity, the load of the PE is too heavy.

Secondary cause: The label capacity of the AR2240 is not enough.

Suggestions

The network plan should be proper. Use hierarchical deployment and reduce the number of routing entries in a single area. When deploying MPLS VPN, notice the load of the PE and check whether the label specifications are exceeded.